# API Routes

Route list, methods, paths, expected input/output

# API routes

## API Routes

These routes provide a secure, token-authenticated interface for interacting with blocklists, agent configurations, and unblocking systems.

All routes are protected via the `TokenAuthentication` middleware.

---

### 🔒 Authentication

All API endpoints require a valid token passed via headers or parameters.

---

### 📌 Blocklist Endpoints

<div class="overflow-x-auto contain-inline-size" id="bkmrk-method-path-descript"><table data-end="961" data-start="469"><thead data-end="550" data-start="469"><tr data-end="550" data-start="469"><th data-end="478" data-start="469">Method</th><th data-end="508" data-start="478">Path</th><th data-end="550" data-start="508">Description</th></tr></thead><tbody data-end="961" data-start="633"><tr data-end="714" data-start="633"><td>POST</td><td>`/blocklist/report`</td><td>Report an IP to be blocked</td></tr><tr data-end="797" data-start="715"><td>POST</td><td>`/blocklist/unblock`</td><td>Request removal of an IP from blocklist</td></tr><tr data-end="879" data-start="798"><td>GET</td><td>`/blocklist/check`</td><td>Check if an IP is blocked</td></tr><tr data-end="961" data-start="880"><td>GET</td><td>`/blocklist/fetch`</td><td>Fetch all blocklisted IPs</td></tr></tbody></table>

</div>---

### 📌 Whitelist Endpoints

<div class="overflow-x-auto contain-inline-size" id="bkmrk-method-path-descript-1"><table data-end="1323" data-start="996"><thead data-end="1077" data-start="996"><tr data-end="1077" data-start="996"><th data-end="1005" data-start="996">Method</th><th data-end="1035" data-start="1005">Path</th><th data-end="1077" data-start="1035">Description</th></tr></thead><tbody data-end="1323" data-start="1160"><tr data-end="1241" data-start="1160"><td>POST</td><td>`/whitelist/report`</td><td>Report a whitelisted IP or domain</td></tr><tr data-end="1323" data-start="1242"><td>POST</td><td>`/whitelist/remove`</td><td>Remove a record from the whitelist</td></tr></tbody></table>

</div>---

### 🛰️ Agent Endpoints

<div class="overflow-x-auto contain-inline-size" id="bkmrk-method-path-descript-2"><table data-end="1948" data-start="1355"><thead data-end="1453" data-start="1355"><tr data-end="1453" data-start="1355"><th data-end="1369" data-start="1355">Method</th><th data-end="1409" data-start="1369">Path</th><th data-end="1453" data-start="1409">Description</th></tr></thead><tbody data-end="1948" data-start="1553"><tr data-end="1651" data-start="1553"><td>GET/POST</td><td>`/agent/config-check`</td><td>Validate agent config from server side</td></tr><tr data-end="1750" data-start="1652"><td>GET/POST</td><td>`/agent/list-files`</td><td>List tracked files for integrity checks</td></tr><tr data-end="1849" data-start="1751"><td>GET</td><td>`/blocklist/pending-unblocks`</td><td>Fetch unblock requests for review</td></tr><tr data-end="1948" data-start="1850"><td>POST</td><td>`/blocklist/unblock-confirm`</td><td>Confirm that an IP was unblocked</td></tr></tbody></table>

</div>---

These routes form the backbone of external system interaction with the CFM platform, especially useful for:

- **Server agents** checking their config
- **Security automation** scripts reporting IPs
- **Unblock portals** submitting requests for delisting

## 🌐 Web Routes

These routes handle the core frontend and admin-facing interactions, including redirects, unblock forms, and feed outputs.

---

### 🏠 Root Redirect

<div class="overflow-x-auto contain-inline-size" id="bkmrk-method-path-behavior"><table data-end="428" data-start="287"><thead data-end="315" data-start="287"><tr data-end="315" data-start="287"><th data-end="296" data-start="287">Method</th><th data-end="303" data-start="296">Path</th><th data-end="315" data-start="303">Behavior</th></tr></thead><tbody data-end="428" data-start="345"><tr data-end="428" data-start="345"><td>GET</td><td>`/`</td><td>Redirects to `/admin` if logged in, otherwise to `/admin/login`</td></tr></tbody></table>

</div>---

### 🔓 Public Unblock Interface

<div class="overflow-x-auto contain-inline-size" id="bkmrk-method-path-descript-3"><table data-end="731" data-start="468"><thead data-end="533" data-start="468"><tr data-end="533" data-start="468"><th data-end="477" data-start="468">Method</th><th data-end="491" data-start="477">Path</th><th data-end="533" data-start="491">Description</th></tr></thead><tbody data-end="731" data-start="600"><tr data-end="665" data-start="600"><td>GET</td><td>`/unblock`</td><td>Shows unblock request form</td></tr><tr data-end="731" data-start="666"><td>POST</td><td>`/unblock`</td><td>Submits unblock request to backend</td></tr></tbody></table>

</div>Used by users or systems mistakenly blocked to appeal removal.

---

### 📄 Feed Files (Token Protected)

Accessible only with valid token via `TokenAuthentication`.

<div class="overflow-x-auto contain-inline-size" id="bkmrk-method-path-descript-4"><table data-end="1424" data-start="900"><thead data-end="974" data-start="900"><tr data-end="974" data-start="900"><th data-end="909" data-start="900">Method</th><th data-end="935" data-start="909">Path</th><th data-end="974" data-start="935">Description</th></tr></thead><tbody data-end="1424" data-start="1050"><tr data-end="1124" data-start="1050"><td>GET</td><td>`/whitelist.txt`</td><td>IP/domain whitelist</td></tr><tr data-end="1199" data-start="1125"><td>GET</td><td>`/blacklist.txt`</td><td>IP blacklist (for CSF, etc.)</td></tr><tr data-end="1274" data-start="1200"><td>GET</td><td>`/phishlist.txt`</td><td>Phishing domain list</td></tr><tr data-end="1349" data-start="1275"><td>GET</td><td>`/domainblacklist.txt`</td><td>Domain blocklist for RBLDNSD</td></tr><tr data-end="1424" data-start="1350"><td>GET</td><td>`/domainwhitelist.txt`</td><td>Domain whitelist for RBLDNSD</td></tr></tbody></table>

</div>